<?php
include 'connectdb.php';
if (isset($_POST['user'])) {
   $type = is_user($_POST['user'], $_POST['pass']);
   if ($type > 0) {
      setcookie("name", $_POST['user'], time() + 60 * 60);
      setcookie("type", $type, time()+60*60);
      //echo "xin chao ac" .$_POST['user'];
      return true;
   } else {
      //echo "\n<h1>WRONG PASSWORD or USERNAME DOES NOT EXIST</h1>";
      header("HTTP/1.0 404 Not Found");
      header('HTTP', true, 500);
   }
}

// need to be rewritten with the connection to MySQL
function is_user($user, $pass) {   
   $result = mysql_query("select * from admin");
   while ($rows = mysql_fetch_array($result)) {
      if (($user == $rows['username']) && ($pass == $rows['password'])) {
         return 2;
      }
   }   
   $result = mysql_query("select * from seller");
   while ($rows = mysql_fetch_array($result)) {
      if (($user == $rows['code']) && ($pass == $rows['password'])) {
         return 1;
      }
   }   
   return 0;
}

?>